RFP: Trust Assurance Framework

Why It Matters

  • Turns "privacy marketing" into something closer to SOC 2-style assurance narratives
  • Enables institutional risk teams to evaluate solutions using familiar frameworks
  • Unblocks procurement decisions that stall on "we don't understand the trust model"

Scope

In-Scope

  • Standardized "assurance card" template covering:
    • Trust roots (sequencer, prover, DA committee, TEE manufacturer)
    • Cryptographic assumptions (hardness assumptions, parameter choices)
    • Upgrade/admin key risks
    • Hardware trust surface (for TEE-based systems)
    • Failure modes (censorship, data withholding, key compromise)
    • Side-channel and metadata leakage surface
  • Assurance cards for major privacy approaches:
    • ZK rollups (Aztec-style)
    • TEE-based privacy (SGX/SEV/Nitro)
    • MPC coordination
    • FHE computation
  • Controls mapping: what institutions can mitigate via audits, attestation, and key management

Out-of-Scope

  • Full security audits of specific implementations
  • Legal/compliance assessments
  • Performance benchmarking (see Benchmark Dashboard)

Deliverables

  • Assurance card template (markdown format, compatible with iptf-map patterns)
  • 4-6 completed assurance cards for major privacy system types
  • "Red team scenarios" document (3-5 attack scenarios per system type)
  • Controls mapping guide for institutional risk teams

Dependencies

Requires:

  • Access to public documentation for major privacy systems
  • Review of existing threat models (where published)

Enables:

  • Informed institutional procurement decisions
  • Foundation for Benchmark Dashboard trust dimensions
  • Input to custody and compliance RFPs

See Also